<?php

    class User_remember_model extends CI_Model {
        public function __construct() {
            parent::__construct();
            $this->load->database();            
            $this->config->load('security_para');
        }
        
        public function is_exist_saved_session($email) {    //测试该用户是否曾经设置过自动登录
            $query = $this->db->get_where('user_saved_session', array('email' => $email));
            if ($query->num_rows() > 0) {
                return TRUE;
            } else {
                return FALSE;
            }
        }
        
        public function create_or_get_saved_session($email) {   //用户采用口令登录并设置使用自动登录时使用的函数，之后获取也使用此函数
            $query = $this->db->get_where('user_saved_session', array('email' => $email));
            if ($query->num_rows() > 0) {
                if ( $query->row()->last_ip !== $this->input->ip_address() ) {
                    $update_saved_session  = array (
                        "last_ip" => $this->input->ip_address()
                    );
                    $this->db->update('user_saved_session', $update_saved_session);
                    $query = $this->db->get_where('user_saved_session', array('email' => $email));
                }
                return $query->row();
            }
            else {
                $origin_seed = ''.mt_rand().microtime();
                $new_saved_session  = array (
                    "email" => $email,
                    "identify_token" => md5($origin_seed.'identify'.$email),
                    "session_token" => md5($origin_seed.'session'.$email),
                    "last_ip" => $this->input->ip_address()
                );
                $this->db->insert('user_saved_session', $new_saved_session);
                $query = $this->db->get_where('user_saved_session', array('email' => $email));
                return $query->row();
            }
        }
        
        public function check_and_update_saved_session($email, $identify_token, $session_token) {   //测试用户cookies中保存的两个token并作出相应的行为
            $query = $this->db->get_where('user_saved_session', array('email' => $email, 'identify_token' => $identify_token));
            if ($query->num_rows() > 0) {
                $saved_session = $query->row();
                if ( $saved_session->session_token_change_count >= $this->config->item('remember_count_expiration') ) {
                    $this->db->delete('user_saved_session', array('email' => $email));
                    return -1;  //已经达到改变的上限，返回检验失败的结果并清除保存的内容
                }
                else if ( $session_token !== $saved_session->session_token ) {
                    $update_saved_session  = array (
                        "session_token" => $session_token,
                        "last_ip" => $this->input->ip_address(),
                        "session_token_change_count" => ( $saved_session->session_token_change_count + 1 )
                    );
                    $this->db->update('user_saved_session', $update_saved_session, array('email' => $email, 'identify_token' => $identify_token));
                    return 1;    //返回1代表session_token不同，并已经更新token并增加了计数器
                }
                else if ( $query->row()->last_ip !== $this->input->ip_address() ) {
                    $origin_seed = ''.mt_rand().microtime();
                    $update_saved_session  = array (
                        "session_token" => md5($origin_seed.'session'.$email),
                        "last_ip" => $this->input->ip_address(),
                        "session_token_change_count" => ( $saved_session->session_token_change_count + 1 )
                    );
                    $this->db->update('user_saved_session', $update_saved_session, array('email' => $email, 'identify_token' => $identify_token));
                    return 2;   //返回2代表虽然两个token的验证都通过，但是IP的验证没有通过，所以将生成新的token并增加计数器
                }
                else {
                    return 0;   //返回0代表所有验证都通过，没有进行任何操作
                }
            }
            else
                return -1;  //返回-1代表检验失败，没有该条验证记录
        }
    }
?>
